This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A vulnerability in MySQL prior to 5.0.45 did not require priveliges
such as SELECT for the source table in a CREATE TABLE LIKE statement,
allowing remote authenticated users to obtain sensitive information
such as the table structure (CVE-2007-3781).
A vulnerability in the InnoDB engine in MySQL allowed remote
authenticated users to cause a denial of service (database crash) via
certain CONTAINS operations on an indexed column, which triggered an
assertion error (CVE-2007-5925).
Using RENAME TABLE against a table with explicit DATA DIRECTORY and
INDEX DIRECTORY options could be used to overwrite system table
information by replacing the file to which a symlink pointed to
The updated packages have been patched to correct these issues.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.1